1. Field of the Invention
The present invention relates to the field of security systems; more particularly, the present invention relates to a method and apparatus for preventing unauthorized usage of a device, such as a computer system.
2. Description of Related Art
A computer system typically includes a mass storage device, such as a hard disk drive, which is often used to store confidential information. The value of maintaining the confidentiality of the information often far exceeds the value of the computer system itself.
Some computer systems utilize password protection to prevent unauthorized access to confidential information. Before access to the information is granted by the computer system, the user is required to enter a password, preferably known only to authorized users. One problem with password protection is that many passwords are learned by unauthorized users by numerous well known methods, such as overhearing the password being told to someone, overseeing the password being typed, or determining the password through the use of software tools that make numerous guesses until access is granted. Alternatively, password protection may often be defeated by modifying software, such as the operating system, or replacing or rewriting the bidirectional input/output system (BIOS), for example, to bypass the password request routine. Thus, password protection may not provide an adequate level of protection against unauthorized access when considering the potential value of the information stored in the computer system.
Some computer systems utilize a mechanical lock that acts as a switch to control access to the mass storage device. Before access to the information is granted by the computer system, the user is required to use a mechanical key to turn the lock to the active position. One problem with a mechanical lock is that such a system may be defeated by stealing or duplicating the mechanical key. Alternatively, the mechanical lock may be bypassed through relatively simple mechanical or electrical means, such as picking the lock or shorting the open circuit of the mechanical lock in the inactive position. Thus, mechanical lock protection may not provide an adequate level of protection against unauthorized access when considering the potential value of the information stored in the computer system.
What is needed is a method and apparatus to prevent unauthorized access of a computer system such that the method and apparatus is less susceptible to unauthorized access than a password and/or a mechanical lock.